Sap Grc Consultant at Aspiree, Inc in Metro Manila
Job descriptionThe Technology Compliance Analyst/ Senior Analyst will be responsible for assessing the security and compliance requirements, industry best practices, and customer commitments. The role will support both the Vendor Assessment Program (VAP) and Technology Risk and Control Monitoring (TRCM) program. The individual must have experience interacting with process owners, testing and documenting large control sets, handling inquiries from external auditors, and assessing security/compliance risk. The role will be heavily focused on evaluating technology controls both internally and at our global vendors. The vendor assessment process incorporates controls from a variety of assessment frameworks (e.g., SOC, ISO, FedRamp, HIPAA, HITRUST and PCI) and is regularly updated to address upcoming industry risks.Support the implementation of the strategic vision for Technical Compliance that are aligned to the company's focus on trust.Evaluate new and evolving regulations programs.Assess potential regulatory changes for impact to technology compliance objectives.Translate regulatory requirements to internal business partners and drive alignment on compliance requirements.Plan and execute audits of global vendors (Data Centers and Business Process Outsourcing (BPO)) control environment; focusing on technology controls. Support onsite vendor assessments in the U.S. and internationally.Assess vendors for compliance with contractual agreements and compliance requirements. Assess potential business changes for impact to compliance objectives.Perform controls testing, document results, and provide detailed updates to leadership, vendors, and other internal stakeholders.Proactively identify gaps or conflicts in existing processes and drive remediation of control deficiencies identified during the audit process.Assist with the education and training of process/control owners so they better understand the technology controls framework and their responsibilities.Support the implementation of the strategic vision for Technical Compliance that aligns to the company's focus on trust.Build strong relationships with business partners (Information Security/Security GRC, Internal IT, Legal, Engineering and Products team) and facilitate continuous improvement aligned with operational processes.Effectively communicate program execution status, key accomplishments, and risks to management both within the compliance center and to our business partners.Drive continuous improvement by interfacing with internal business partners and leveraging prior IT audit experience to add value.Experience and Qualifications:2-6 years of compliance, risk, IT operations or security experience, with supporting certifications (e.g., CISA, CRISC, CISSP). (Preferably with a Big 4.)Bachelor of Science degree in Management Information Systems, Computer Science, or a related technical field required.Experience in a compliance and regulatory environment related across industries and geographies such as PCI, ISO27001, SOC, HIPAA, SOX,Fedramp, is desiredExperience developing, championing, and managing internal compliance programs.Familiarity with multiple technology “backbones” and related supporting infrastructure.Analytical thinker who is highly organized and pays close attention to detail.Strong written and verbal communication skills; ability to effectively communicate and obtain buy-in at all levels of the organization and with internal stakeholders across the business.Ability to work efficiently with minimal direction and/or oversight as well as part of multiple project teams simultaneously.A “whatever it takes to get the job done” attitude (i.e., pick up the phone, stop by a desk, follow-up multiple times) with comfort working in a fast-paced, dynamic environment. '); }else{ //ambient pc code document.write(' var gax_wid = 1464591839; var gax_zid = 1501224957; var gax_w =640; var gax_h =360; var gax_skip =5; var gax_flash =true; var gax_content_id = ".detail"; var gax_position=0; '); }We know that resume is a must to apply for a job. If you don't have one or yours is already obsolete. HireMe.ph gives you free editable resume templates here.
